[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: How do SVNPath and SVNParentPath for mod_authz_svn determine the repository name

From: David Anderson <david.anderson_at_calixo.net>
Date: 2005-09-18 00:22:47 CEST

Sunjammer wrote:
> Thoughts?

I reported this bug on the May 26th in Apache-httpd's bugzilla, under
the mod_dav section: http://issues.apache.org/bugzilla/show_bug.cgi?id=35077

Unfortunately, in hindsight of what I've learned of Apache and svn
since, mod_dav is not really to blame. It seems the LocationMatch
problem runs deeper, in the behaviour of the directive itself.

If someone has the time and sufficient knowledge of apache-httpd,
getting to the root of this problem and posting a bug report targetted
at the right element of the httpd would be really nice.

> I'm expecting someone to say don't allow LocationMatch. This would
> prevent me being able to use mod_authz_svn to secure the ViewCVS browse
> interface by URL and yet still be able to have the top level list of
> repositories unprotected (and therefore free of the curse of a realm
> username/password challenge dialog).

I won't. See my bug report. I was trying to set up a LocationMatch so
that /svn followed by /[a-z]+ (using a lookahead assertion) would be
passed to mod_dav_svn. This would have enabled querying /svn/index.html
and other files with no further hassle, facilitating the construction of
a repository listing with a logical URI pattern (foo.com/svn lists
repositories, foo.com/svn/bar is repository bar). But because of the way
LocationMatch behaves, I got stuck mostly as you did.

> Of course then someone will say that I shouldn't be using mod_authz_svn
> to secure anything but what it was intended to secure, i.e. the URL
> space reserved for SVN repository addressing and *not* my ViewCVS URL
> space. To that I can only say "fair cop guvnor" - although mod_authz_svn
> is damn useful the way I'm abusing it :)

As long as it works the way you abuse it, where is the problem? The
problem here is not with svn imho, but rather with the way apache-httpd
treats LocationMatch and subsystems invoked on a LocationMatch.

Any opinions by more apache-savvy people on this + my aging bugreport?

- Dave.

To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sun Sep 18 00:23:24 2005

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.